nano-banana-2
Pass
Audited by Gen Agent Trust Hub on Jul 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute the
runcomfyCLI tool. The documentation explicitly notes that user input is passed as a JSON string to avoid shell expansion vulnerabilities. - [CREDENTIALS_UNSAFE]: References standard credential management for the RunComfy service, utilizing either a local configuration file (
~/.config/runcomfy/token.json) with owner-only permissions or theRUNCOMFY_TOKENenvironment variable. This follows security best practices. - [EXTERNAL_DOWNLOADS]: Fetches generated image outputs from
*.runcomfy.netand*.runcomfy.com. The skill documentation describes a built-in whitelist and a 2 GiB file size cap to mitigate potential disk-exhaustion or exfiltration risks. - [PROMPT_INJECTION]: No malicious prompt injection patterns were detected. The skill provides guidance on effective prompting and acknowledges the inherent risks of image-based prompt injection in external models as a known technical limitation.
Audit Metadata